HIPAA rules apply to all healthcare organizations and providers, especially related to the electronic medical record information to which the entire healthcare system is transitioning.

It sets forth rules for disclosure — or not — of health information according to the desires of the patient (your senior loved one).

Some states may have stricter laws regarding patient privacy and these will supersede the federal HIPAA regulations.

Who Has Access to Health Data?

HIPAA privacy rules stipulate that the person (the patient/your senior) designates who will have access to their health information. The person they name is their personal representative.

It covers all types of healthcare information, including mental health records, as long as the person with whom the information is shared is allowed and given permission to receive the information.

If your senior does not allow you to access health data, you will not be able to learn about their medical conditions, medications or other health history.

However, a patient can designate anyone to be privy to their information, including family, friends, healthcare facilities, paid caregivers and others.

This will be true only if the patient, in this case your senior loved one, is of sound mind at the time. If under the influence of medications, on life saving measures such as mechanical ventilation or unconscious, it will be the decision of the doctor who can and should get any pertinent medical information.

Role of Family Caregivers

If you accompany your senior into a medical exam, a physician will likely feel that discussing your senior’s condition and treatment with you is acceptable to your senior.

In most situations, family caregivers will be able to learn medical information about their senior loved ones unless your senior has expressly denied access to you and made the healthcare team aware of this decision.

We should all be aware that in the event that a threat to your senior’s health and safety occurs, even this wish to deny access can be overridden.

Anyone can be a designee for full medical information access – it could be an ex-spouse, child or same sex partner. As long as the patient has stated that their information could be shared, then it will be.

Other HIPAA Rights

In addition to being able to be specific about who can and can’t have access to medical information, HIPAA rules also give the patient other rights.

The patient has the right of ownership of their medical information. It also allows that you will not be excluded from health insurance coverage for a pre-existing health condition (portability for you when changing carriers).

The patient can view their health record and obtain copies of it as well. You are subject to the cost of printing your medical record but not charged for the provider to search for or retrieve your records.

The patient can also request corrections to the medical record if something they find contained therein is in error.

Providers Must Keep Data Secure and Confidential

HIPAA includes standards that healthcare providers must meet to keep your data secure and confidential.

Cyber security is taken seriously, including how your records are copies on digital copiers, who has access to the electronic medical information, how medical staff share and communicate your health data, malicious software, and protect your information from medical identity theft.

It is also required that you be contacted if any breach occurs in your health record. A breach can occur whenever your protected health information is disclosed. You must be notified of any breach in a timely manner. Violators are held accountable for breaches with civil and criminal penalties.

If you feel your information was not handled properly, you have the right to file a complaint, either in writing or online through the Office for Civil Rights (OCR). You can also file a complaint directly with the provider, according to their protocols.

Patient Burdens Under HIPAA

Seniors, and all of us, have found HIPAA to be a benefit to us and our ability to know what is in our medical record and restrict its transfer to people we don’t approve.

However, there have been some drawbacks to us as patients due to the medical profession trying to remain in compliance without violating (or even appearing to violate) the rule.

Gone are the days of getting any health information, such as test results, by mail. Most are put into a patient portal so that you can view them online.

Seniors may continue to prefer a paper copy and if so, will have to go in person to the medical office to pick it up.

It has become more difficult for doctors to share patient information with other sources, even if it is in the best interest of the patient. It can and will be shared, but more paperwork is needed to do so.

One downside to the extra steps required for medical professionals to share your health data is the time it takes to get the proper paperwork completed will cost the senior patient treatment time. The time it takes could have an impact on medical outcomes if treatment is delayed.

Costs of Data Privacy and Security

The mountain of paperwork HIPAA has created for healthcare systems and doctors can be burdensome for some practitioners and certainly has affected the cost of doing business which consumers will bear. In addition, the cost of security systems and staff training has increased to remain compliant which again increases the cost of healthcare for the consumer.

Healthcare is limited in the use of your medical records for research purposes without your permission. They were able to use it much more freely before HIPAA, so we are hearing the restrictions can hamper valuable medical studies.

Even though there are some negative outcomes, overall the positives outweigh the negatives.

Our medical records and health data are more secure and we have more rights concerning our medical data, with improved protections in place.

By far the greatest improvement from HIPAA is that it puts us in control of our own health information.